Reddit just revealed that they experienced a security breach as a result of an intercepted SMS-based 2FA. Another post on SMS 2FA refers to a flaw in the telecom’s SS7 protocol that was used to perform the breach.
I’m not sure if the Reddit incident involved the SS7 technique or some sort of spear phishing to get some malicious code installed on the device that received the SMS. However, if an intercept was used, I would have expected the original device to have received the message and the owner to have realized they didn’t request it and alerted their company’s security team. That being said, would the hackers have been able to block the legitimate device from getting their request for an SMS 2FA, or would they have had to wait for the target to request one and just try to beat them to the login?